Abstract

Using non-deterministic execution of cryptographic algorithms has been proposed as an effective defence against differential power analysis (DPA) attacks. Such attacks are thwarted by, for example, buffering the instruction stream and issuing instructions in a random though valid order. For random instruction issue to be effective, the fetch unit must be able to supply a steady stream of instructions so as to maximise the number of instructions from which to randomly select. We describe a mechanism which has been specialised to the task of minimising the number of fetch unit stalls while encapsulating jump related behaviour in one place. Since this mechanism helps to maximise the level of security against DPA while allowing subsequent pipeline stages to be less complex, it is a valuable addition to current non-deterministic processors.